commit 2c5bbd9: [Minor] Add more mime flags
Vsevolod Stakhov
vsevolod at highsecure.ru
Mon Jan 7 16:14:06 UTC 2019
Author: Vsevolod Stakhov
Date: 2019-01-07 15:57:16 +0000
URL: https://github.com/rspamd/rspamd/commit/2c5bbd96628f35ea01a4fc91e74cb3ca95f750ba
[Minor] Add more mime flags
---
rules/regexp/headers.lua | 40 +++++++++++++++++++++++++++++-----------
src/plugins/lua/hfilter.lua | 20 +++++++++++++++-----
2 files changed, 44 insertions(+), 16 deletions(-)
diff --git a/rules/regexp/headers.lua b/rules/regexp/headers.lua
index b9993f7ce..7abf52bb0 100644
--- a/rules/regexp/headers.lua
+++ b/rules/regexp/headers.lua
@@ -30,6 +30,7 @@ local subject_needs_mime = 'Subject=/[\\x00-\\x08\\x0b\\x0c\\x0e-\\x1f\\x7f-\\xf
reconf['SUBJECT_NEEDS_ENCODING'] = {
re = string.format('!(%s) & !(%s) & (%s)', subject_encoded_b64, subject_encoded_qp, subject_needs_mime),
score = 1.0,
+ mime_only = true,
description = 'Subject needs encoding',
group = 'headers'
}
@@ -40,6 +41,7 @@ local raw_from_needs_mime = 'From=/[\\x00-\\x08\\x0b\\x0c\\x0e-\\x1f\\x7f-\\xff]
reconf['FROM_NEEDS_ENCODING'] = {
re = string.format('!(%s) & !(%s) & (%s)', from_encoded_b64, from_encoded_qp, raw_from_needs_mime),
score = 1.0,
+ mime_only = true,
description = 'From header needs encoding',
group = 'headers'
}
@@ -50,6 +52,7 @@ local raw_to_needs_mime = 'To=/[\\x00-\\x08\\x0b\\x0c\\x0e-\\x1f\\x7f-\\xff]/X'
reconf['TO_NEEDS_ENCODING'] = {
re = string.format('!(%s) & !(%s) & (%s)', to_encoded_b64, to_encoded_qp, raw_to_needs_mime),
score = 1.0,
+ mime_only = true,
description = 'To header needs encoding',
group = 'headers'
}
@@ -58,6 +61,7 @@ reconf['TO_NEEDS_ENCODING'] = {
reconf['R_NO_SPACE_IN_FROM'] = {
re = 'From=/\\S<[-\\w\\.]+\\@[-\\w\\.]+>/X',
score = 1.0,
+ mime_only = true,
description = 'No space in from header',
group = 'headers'
}
@@ -65,6 +69,7 @@ reconf['R_NO_SPACE_IN_FROM'] = {
reconf['TO_WRAPPED_IN_SPACES'] = {
re = [[To=/<\s[-.\w]+\@[-.\w]+\s>/X]],
score = 2.0,
+ mime_only = true,
description = 'To address is wrapped in spaces inside angle brackets (e.g. display-name < local-part at domain >)',
group = 'headers'
}
@@ -73,12 +78,14 @@ reconf['TO_WRAPPED_IN_SPACES'] = {
reconf['MISSING_SUBJECT'] = {
re = '!raw_header_exists(Subject)',
score = 2.0,
+ mime_only = true,
description = 'Subject header is missing',
group = 'headers'
}
rspamd_config.EMPTY_SUBJECT = {
score = 1.0,
+ mime_only = true,
description = 'Subject header is empty',
group = 'headers',
callback = function(task)
@@ -95,7 +102,8 @@ reconf['MISSING_TO'] = {
re = '!raw_header_exists(To)',
score = 2.0,
description = 'To header is missing',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- Detects undisclosed recipients
@@ -104,7 +112,8 @@ reconf['R_UNDISC_RCPT'] = {
re = string.format('(%s)', undisc_rcpt),
score = 3.0,
description = 'Recipients are absent or undisclosed',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- Detects missing Message-Id
@@ -113,7 +122,8 @@ reconf['MISSING_MID'] = {
re = '!header_exists(Message-Id)',
score = 2.5,
description = 'Message id is missing',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- Received seems to be fake
@@ -122,7 +132,8 @@ reconf['R_RCVD_SPAMBOTS'] = {
' [\\s\\d]?\\d [JFMAJSOND][a-z][a-z] \\d{4} \\d{2}:\\d{2}:\\d{2} [-+]\\d{4}$/mH',
score = 3.0,
description = 'Spambots signatures in received headers',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- Charset is missing in message
@@ -131,7 +142,8 @@ reconf['R_MISSING_CHARSET'] = {
'compare_transfer_encoding(7bit)'),
score = 2.5,
description = 'Charset is missing in a message',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- Subject seems to be spam
@@ -139,7 +151,8 @@ reconf['R_SAJDING'] = {
re = 'Subject=/\\bsajding(?:om|a)?\\b/iH',
score = 8.0,
description = 'Subject seems to be spam',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- Find forged Outlook MUA
@@ -152,7 +165,8 @@ reconf['FORGED_OUTLOOK_HTML'] = {
re = string.format('!%s & %s & %s', yahoo_bulk, outlook_mua, 'has_only_html_part()'),
score = 5.0,
description = 'Forged outlook HTML signature',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- Recipients seems to be likely with each other (only works when recipients count is more than 5 recipients)
@@ -160,7 +174,8 @@ reconf['SUSPICIOUS_RECIPS'] = {
re = 'compare_recipients_distance(0.65)',
score = 1.5,
description = 'Recipients seems to be autogenerated (works if recipients count is more than 5)',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- Recipients list seems to be sorted
@@ -168,7 +183,8 @@ reconf['SORTED_RECIPS'] = {
re = 'is_recipients_sorted()',
score = 3.5,
description = 'Recipients list seems to be sorted',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- Spam string at the end of message to make statistics faults
@@ -176,7 +192,8 @@ reconf['TRACKER_ID'] = {
re = '/^[a-z0-9]{6,24}[-_a-z0-9]{12,36}[a-z0-9]{6,24}\\s*\\z/isPr',
score = 3.84,
description = 'Spam string at the end of message to make statistics fault',
- group = 'headers'
+ group = 'headers',
+ mime_only = true,
}
-- From contains only 7bit characters (parsed headers are used)
@@ -186,7 +203,8 @@ reconf['FROM_EXCESS_BASE64'] = {
re = string.format('%s & !%s', from_encoded_b64, from_needs_mime),
score = 1.5,
description = 'From that contains encoded characters while base 64 is not needed as all symbols are 7bit',
- group = 'excessb64'
+ group = 'excessb64',
+ mime_only = true,
}
-- From that contains encoded characters while quoted-printable is not needed as all symbols are 7bit
diff --git a/src/plugins/lua/hfilter.lua b/src/plugins/lua/hfilter.lua
index 334378ba4..4427234a3 100644
--- a/src/plugins/lua/hfilter.lua
+++ b/src/plugins/lua/hfilter.lua
@@ -323,7 +323,7 @@ local function check_host(task, host, symbol_suffix, eq_ip, eq_host)
end
--
-local function hfilter(task)
+local function hfilter_callback(task)
-- Links checks
if config['url_enabled'] then
local parts = task:get_text_parts()
@@ -626,16 +626,26 @@ end
--dumper(symbols_enabled)
if #symbols_enabled > 0 then
- rspamd_config:register_symbols(hfilter, 1.0, "HFILTER", symbols_enabled);
+ local id = rspamd_config:register_symbol{
+ name = 'HFILTER',
+ callback = hfilter_callback,
+ type = 'callback,mime',
+ score = 0.0,
+ }
rspamd_config:set_metric_symbol({
name = 'HFILTER',
score = 0.0,
group = 'hfilter'
})
-
- for _,s in ipairs(symbols_enabled) do
+ for _,sym in ipairs(symbols_enabled) do
+ rspamd_config:register_symbol{
+ type = 'virtual,mime',
+ score = 1.0,
+ parent = id,
+ name = sym,
+ }
rspamd_config:set_metric_symbol({
- name = s,
+ name = sym,
score = 0.0,
group = 'hfilter'
})
More information about the Commits
mailing list